From c15c9836ba4ada34f67aa36d1196ea6fc1ccb647 Mon Sep 17 00:00:00 2001 From: David Klaftenegger Date: Tue, 21 May 2024 21:21:00 +0200 Subject: [PATCH] replace outdated interface cryptography-42.0.0 introduces new interfaces to query certificate lifetime. The only difference is that the UTC timezone is set in the datetime object, instead of the timezone being undefined. However, the old interface now prints deprecation warnings. --- README.md | 2 +- acertmgr/tools.py | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 5132979..d0e371b 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Requirements ------------ * Python (2.7+ and 3.5+ should work) - * cryptography>=0.6 + * cryptography>=42.0.0 Optional requirements (to use specified features) ------------------------------------------------------ diff --git a/acertmgr/tools.py b/acertmgr/tools.py index be1bb69..29efad6 100644 --- a/acertmgr/tools.py +++ b/acertmgr/tools.py @@ -92,12 +92,12 @@ def get_url(url, data=None, headers=None): # @param ttl_days the minimum amount of days for which the certificate must be valid # @return True if certificate is still valid for at least ttl_days, False otherwise def is_cert_valid(cert, ttl_days): - now = datetime.datetime.now() - if cert.not_valid_before > now: + now = datetime.datetime.now(datetime.timezone.utc) + if cert.not_valid_before_utc > now: raise InvalidCertificateError("Certificate seems to be from the future") expiry_limit = now + datetime.timedelta(days=ttl_days) - if cert.not_valid_after < expiry_limit: + if cert.not_valid_after_utc < expiry_limit: return False return True